Skip to content

SocketDev/action

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace
BranchesTags

Repository files navigation

Socket Security (GitHub Action)

A GitHub Action for running Socket.dev

Tip

A GitHub App is also available for a fully automated SCA workflow.

Usage

This action can run in multiple modes:

Socket Firewall: Free

Downloads and installs Socket Firewall: Free edition in your GitHub Action job, making it available to use in subsequent steps.

on: push

jobs:
  safe-install:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v4

      - uses: SocketDev/action@v1
        with:
          mode: firewall-free

      # javascript / typescript
      - run: sfw npm install # or yarn, pnpm

      # rust
      - run: sfw cargo fetch

      # python
      - run: sfw pip install -r requirements.txt

Inputs

Input Description Required Default
firewall-version Specify the firewall version number No latest
job-summary Create a job summary No true
use-cache Cache the Socket binaries (force download if false) No true
github-token GitHub API Token used for downloading binaries No ${{ github.token}}

Outputs

Output Description
firewall-path-report Path to the generated firewall report JSON
firewall-path-binary Path to the installed binary

Socket Firewall: Enterprise

Downloads and installs Socket Firewall: Enterprise edition in your GitHub Action job, making it available to use in subsequent steps as a wrapper.

on: push

jobs:
  safe-install:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v4

      - uses: SocketDev/action@v1
        with:
          mode: firewall-enterprise
          socket-token: ${{ secrets.SOCKET_API_KEY }}

      # javascript / typescript
      - run: sfw npm install # or yarn, pnpm

      # rust
      - run: sfw cargo fetch

      # python
      - run: sfw pip install -r requirements.txt

Inputs

Input Description Required Default
firewall-version Specify the firewall version number No latest
job-summary Create a job summary No true
use-cache Cache the Socket binaries (force download if false) No true
github-token GitHub API Token used for downloading binaries YES ${{ github.token}}

Outputs

Output Description
firewall-path-report Path to the generated firewall report JSON
firewall-path-binary Path to the installed binary

About

GitHub Action to run Socket in CLI or Firewall mode

socket.dev

Topics

security firewall dependency-management

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

4 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases 11

v1 Latest
Oct 8, 2025
+ 10 releases

Contributors 3

  •  
  •  
  •  

Languages